Phishing email

#0 - Aug. 2, 2010, 9:04 a.m.
Blizzard Post
I just got a phishing email from:
wowaccountadmin@blizzard.com

Containing:
"world of warcraft: Cataclysm Beta Test Invitation!

Get those opt-ins ready for the World of Warcraft: Cataclysm closed beta! The sundering of Azeroth is nigh, and you don't want to be left out in the cold of Northrend when you could be enjoying the sun-drenched beaches on the goblin isle of Kezan. To ensure you're opted-in and eligible as a potential candidate, you'll need a World of Warcraft license attached to your Battle.net account, have your current system specifications uploaded to the Battle.net Beta Profile Settings page, and have expressed interest through the franchise-specific check boxes.

Get the Installer - Log in to your Battle.net account: https://us.battle.net/login

** IMPORTANT ** To avoid graphical bugs and other technical issues, please ensure your video card drivers are up-to-date.

Enjoy the game!

Blizzard Entertainment, Inc.

http://www.blizzard.com/support/wowindex"


I've gotten a lot of really fake ones like from
blizzard@wowadmin.com

But this one was from .blizzard somehow.
Gmail said it was sent from hotmail

Can I prevent getting emails like this again? I almost fell for it and I know some people aren't very tech savvy and would fall for more genuine emails such as these.
#1 - Aug. 2, 2010, 9:06 a.m.
Blizzard Post
The FROM line in an email is as easy to spoof as writing down a fake return address on an envelope - never trust those.

The internal routing headers will tell you the true sender. In this case, it sounds like gmail already alerted you this came from hotmail. We don't use hotmail :)

This is what is commonly referred to as a phish. That quite literally means someone is ‘fishing’ for information and hoping they get a bite :)

If you look at the top of this forum you’ll see a library of ones that are commonly used (or close variants thereof) under “Fake Emails from Blizzard”

http://forums.worldofwarcraft.com/thread.html?topicId=965511383&sid=1

The proper email to report these is hacks@blizzard.com – you can forward the email, headers intact to that address.

Phishes rely on two primal human emotions and hope they get you to react before you think through what is being asked, greed and fear. They’ll either try to entice with an offer or intimidate with a threat.

We never ‘threaten’ an account action. If we have sufficient cause to think an account has been tampered with or needs locked down, we do it first – we don’t threaten with an ‘or else’ email.

WoW accounts are certainly not the only target of phishers. They send them out purporting to be banks, credit card companies, shipping companies – all aimed at obtaining information the thief can use to your detriment.

We will also NEVER ask for your password, or ask you to sign into some website somewhere not under our domain to login.

One way to check any email is to open up the header in your email program and check to see the actual route and sender. This is done in various ways, depending on your email program, but all can do it. Internal email addresses (what you see at the top of an email) can be spoofed very easily. Where it says it came from under sender is not necessarily true. The header of that email will show the true sender. Many spam programs actually use a comparison of these to flag suspicious emails.

Links in an email are also incredibly easy to spoof and/or redirect. Just because the URL looks legit doesn’t necessarily mean that’s where it really goes. Before clicking ANY link, in ANY email, mouse over the link and look at your bottom browser bar to see where it is reported to actually be destined.
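
The two checks described in the reply above (comparing the From address with the routing headers, and comparing a link's visible text with its real destination) can be automated. The following Python sketch is an added example, not part of the original thread or any Blizzard tooling; the function names, the `.example` hosts and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message: From claims blizzard.com, the delivering hop is another provider.
SAMPLE = """\
Received: from snt0.hotmail.example ([203.0.113.7]) by mx.recipient.example; Mon, 2 Aug 2010 09:00:00 -0700
Received: from mail.blizzard.com by snt0.hotmail.example; Mon, 2 Aug 2010 08:59:58 -0700
From: wowaccountadmin@blizzard.com
Content-Type: text/html; charset=utf-8

<a href="http://us.battle.net.login-check.example/login">https://us.battle.net/login</a>
"""

def org_domain(host):  # assumption: naive last-two-labels; real tooling would use the Public Suffix List
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class Links(HTMLParser):  # collects [href, visible text] for every <a> element
    def __init__(self):
        super().__init__()
        self.found, self.inside = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.found.append([dict(attrs).get("href") or "", ""])
            self.inside = True
    def handle_data(self, data):
        if self.inside:
            self.found[-1][1] += data
    def handle_endtag(self, tag):
        self.inside = self.inside and tag != "a"

def check_message(raw):
    msg, findings = message_from_string(raw), []
    claimed = org_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    # The topmost Received line is written by the recipient's own server; lower ones can be forged.
    hop = re.search(r"\bfrom\s+([\w.-]+)", (msg.get_all("Received") or [""])[0])
    if hop and org_domain(hop.group(1)) != claimed:
        findings.append(("sender", claimed, org_domain(hop.group(1))))
    for part in (p for p in msg.walk() if p.get_content_type() == "text/html"):
        parser = Links()
        parser.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
        for href, text in parser.found:
            shown = urlparse(("" if "://" in text else "//") + text.strip()).hostname or ""
            real = urlparse(href).hostname or ""
            if "." in shown and real and org_domain(shown) != org_domain(real):
                findings.append(("link", org_domain(shown), org_domain(real)))
    return findings
```

Calling `check_message(SAMPLE)` returns one `sender` finding and one `link` finding. A sender mismatch alone is only a signal, since legitimate mail is often relayed through third-party services.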